Cisco says acquisitions don't impede best-of-breed

At the Security Standard Conference, Cisco deflected criticism that its acquisitions are hurting innovation by pointing to the maturing security market

By Matt Hines

InfoWorld|Sep 10, 2007

Cisco executives speaking at the ongoing Security Standard Conference claim that the networking giant hasn't sapped innovation in the security companies it has acquired in its efforts to add to its own expanse of IT systems-defense products, while some customers clearly feel otherwise.

Taking the stage at the conference in Chicago on Monday to participate in a panel on Cisco's vision for warding off emerging threats and spam, the company's top security executives, and former IronPort Chief Executive Scott Weiss, defended the firm's growth-via-acquisition strategy.

Cisco finalized its $830 million buyout of IronPort in June -- only the latest in a long string of such security acquisitions. The company has already begun blending the messaging and malware filtering gateway specialist's technologies into its firewalls, which the executives claim has created a new capability to provide customers with "wide packet inspection," an approach that adds reputation-based anti-attack capabilities to the systems' existing virus and spam detection abilities.

Such integration work illustrates the fact that Cisco is improving the ability of its customers to defend their networks from attack and that the firm is serious about innovation and not just attempting to grow its revenues or boost sales of its networking gear by snapping-up other security vendors, Weiss told the assembled audience.

Asked by a conference attendee whether major platform providers like Cisco, Microsoft, and IBM will continue to swallow smaller security companies, along with industry giants like Symantec, and how that will impact the availability of the cutting-edge technologies often developed by independent vendors, Weiss said that more consolidation is likely inevitable.

Yet he also acknowledged that some niche players will continue to do well on their own.

"All the [venture capital] firms that are into small security companies will likely make out like bandits, and there will be a scrum to get the good stuff," said Weiss, who is still heading up IronPort inside Cisco. "Bigger companies will have to decide whether to build, buy, or partner."

Weiss highlighted Webroot, the anti-spyware software company that industry watchers have long tabbed for acquisition based on its specialized focus -- and which continues to defy those predictions and grow on its own -- as an example of the type of vendor that will be able to compete in a world where security is being driven further into other broadly-distributed IT platforms, such as Cisco's ubiquitous networking gear.

"I think we'll continue to see new Webroots pop-up that can help deal with new threats," he said. "The issue for these companies is how broad is their platform and how to carve a significant portion of the infrastructure out; they have to ask themselves if their technology is broad enough to support a large, profitable company."

Along with the benefits of melding together complimentary technologies, such as gateway filtering tools and firewalls, Weiss claims that customers are seeking integrated technologies from single vendors and increasingly looking for "one throat to choke" when selecting security tools.

"Users of these technologies want products that talk to each other and have collaborative interfaces," he said.

Customers worry about consolidation

However, some existing Cisco customers claim that they are troubled by the continued pace of security industry consolidation.

Even if Cisco can add many of the pieces that customers seek, it will likely not be able to provide technologies that are as innovative and effective as those made by independent vendors in some areas, said Waqas Akkawi, senior manager of IT security at Sirva, the moving giant that owns Allied Van Lines, Global Van Lines, and North American Van Lines, among other subsidiaries.

Akkawi said that Cisco excels in some areas of security where it has experience, namely in network-based tools, but he noted that even some of those products, such as its IDS (intrusion detection systems) and IPS (intrusion prevention systems), also added via various acquisitions, don't measure up to those made by standalone providers.

"Cisco is good at what they do naturally, as with firewalls, routers and switches, but they haven't done a good job on things like IPS and IDS where some other niche companies do a better job," said Akkawi. "In a lot of cases I think customers would be better off if these types of companies partnered instead of doing acquisitions or trying to build functionality into their existing products on their own. Sometimes a niche product that integrates well is going to be better than what these guys are talking about."

Akkawi, who is a Cisco-certified IT pro, said that Sirva is constantly considering whether or not to go best-of-breed with independent vendors or buy into integrated security products like those being integrated by platform providers like Cisco's IronPort buyout.

"These acquisitions will only work if a platform provider like Cisco can build the acquired technology into things they already do well. In some cases, these types of companies haven't been able to integrate everything they've bought, and we've seen some best-of-breed products go away," he said. "[Sirva] will likely continue to go fifty-fifty in terms of the integrated products we choose to buy, and the others we seek out to get true best-of-breed functionality."

Many IT platform providers have moved aggressively in recent years to add security to their portfolios where it fits, as with EMC's buyout of authentication specialists RSA, along with IBM and HP's recent moves to add applications testing capabilities to their software development platforms via acquisition.

The nature of the security industry is such that certain functions will be parceled into such widely-used technologies, while other newer tools will likely emerge from independents, said Mick Scully, vice president of product management at Cisco's Security Technology Group.

Scully countered that despite any perception of cutting at innovation, Cisco is creating many new technology combinations that customers have responded well to, allowing its overall security business to crest $2 billion in revenues in the firm's fiscal 2006, representing a 25 percent annual growth rate in its overall security business.

"There will always be a balance between best-of-breed and integrated security. The beauty of the market is that it is constantly changing at a rapid pace, and we will always see startups who address specific problems," Scully said. "But if you look at an acquisition like IronPort, we've left it almost entirely intact, run by the same team, even as we push its technologies into other products."

Scully also highlighted the fact that Cisco has proven its chops as a security innovator, such as in creating the burgeoning market for

NAC device authentication systems.

He said that Cisco itself views its acquisitions as fifty-fifty propositions, looking for as many opportunities to continue to innovate the technologies its buys as it seeks opportunities to fold them into its other product lines.

"It's an interesting dichotomy, I sort of see what these customers are saying, but we also believe that our standalone products, such as our NAC appliances, are already best-of-breed," Scully said. "As niche security markets become mature, merchant markets, we are going to look to get into those markets where we fit in; but we're also doing a lot of organic product development on our own, and we feel that we can offer best-of-breed capabilities in the security markets we compete in."